Commit graph

13151 commits

Author SHA1 Message Date
Gilles Peskine
7747efce14 Pylint: allow using pass even when not strictly necessary
If we take the trouble of using pass, it's because we think the code
is clearer that way. For example, Pylint 2.4 rejects pass in

    def foo():
        """Do nothing."""
        pass

But relying on a docstring as the sole code is weird, hence the use of
pass.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine
8b022359e8 Pylint: minor code simplifications
Simplify the code in minor ways. Each of this changes fixes a warning
from Pylint 2.4 that doesn't appear with Pylint 1.7.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine
184c096e95 Pylint: abide by useless-object-inheritance warnings
Inheriting from object is a remainder of Python 2 habits and is just
clutter in Python 3.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine
dd4c1c6fe7 mbedtls_test.py: drop compatibility with Python 2
Python 2 is no longer supported upstream. Actively drop compatibility
with Python 2.

Removing the inheritance of a class on object pacifies recent versions
of Pylint (useless-object-inheritance).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine
aaee444c68 Document more methods in Python scripts
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-11 20:23:22 +02:00
Gilles Peskine
e62bdefce1
Merge pull request #3181 from gilles-peskine-arm/basic-build-test-status-with-deprecated
Fix failure detection and failures in basic-build-test.sh with SSL3 in basic-build-test
2020-04-10 15:07:01 +02:00
Gilles Peskine
c877c24ed0 Enable extra features that have tests
The "full" configuration excludes some deprecated or experimental
features. Enable the ones that have tests, don't have extra
requirements and don't turn off some other feature.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine
b3d0bab10b MBEDTLS_MEMORY_BACKTRACE is no longer included in the full config
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:52 +02:00
Gilles Peskine
40be51ffe3 Add a few echo statements to make the logs easier to follow
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:33:50 +02:00
Gilles Peskine
bfcb6e16ab Create a large enough seedfile
The seedfile needs to have the size of the entropy accumulator, which
is 64 bytes (512 bits) since the entropy accumulator uses SHA-512 and
the seed size needs to be the same as the hash output (or larger).

We used to enable MBEDTLS_ENTROPY_FORCE_SHA256 in the full config, so
the entropy accumulator was 256 bits (32 bytes), and therefore a
32-byte seedfile worked. But we no longer turn on this option in the
full config, so the 32-byte seedfile no longer works.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:09 +02:00
Gilles Peskine
5757d54261 If 'make lcov' failed, exit immediately
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:02 +02:00
Gilles Peskine
ca51b474dc Note that we keep going even if some tests fail
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-10 11:30:00 +02:00
Gaurav Aggarwal
a4a2aa5169 Address review comments
- Use switch case instead of loop to generate faster code
- Add #if defined to address compiler error

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 11:58:24 -07:00
Gilles Peskine
6d6ee98c14 Exit with a failure status if some tests failed
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-09 18:28:14 +02:00
Janos Follath
105c99624a
Merge pull request #681 from ARMmbed/prepare-rc-2.22.0-updated
Prepare rc 2.22.0 updated
2020-04-09 14:12:10 +01:00
Jaeden Amero
66e21efe47
Merge pull request #3163 from AndrzejKurek/variable-buffers-renegotiation
Variable buffers & renegotiation - fixes
2020-04-09 12:11:02 +01:00
Manuel Pégourié-Gonnard
28482397d3 Merge branch 'development-restricted' into prepare-rc-2.22.0-updated
* development-restricted:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 12:17:11 +02:00
Manuel Pégourié-Gonnard
215d2e14a3 Merge remote-tracking branch 'restricted/pr/662' into development-restricted
* restricted/pr/662:
  Parse HelloVerifyRequest buffer overread: add changelog entry
  Parse HelloVerifyRequest: avoid buffer overread at the start
  Parse HelloVerifyRequest: avoid buffer overread on the cookie
2020-04-09 11:53:01 +02:00
Gaurav Aggarwal
a9f64006ea Add support for const error description strings
Problem
-------
mbedtls_strerror is a utility function which converts an mbedTLS error code
into a human readable string. It requires the caller to allocate a buffer every
time an error code needs to be converted to a string. It is an overkill and a
waste of RAM for resource constrained microcontrollers - where the most common
use case is to use these strings for logging.

Solution
--------
The proposed commit adds two functions:

* const char * mbedtls_high_level_strerr( int error_code );
* const char * mbedtls_low_level_strerr( int error_code );

The above two functions convert the high level and low level parts of an mbedTLS
error code to human readable strings. They return a const pointer to an
unmodifiable string which is not supposed to be modified by the caller and only
to be used for logging purposes. The caller no longer needs to allocate a
buffer.

Backward Compatibility
----------------------
The proposed change is completely backward compatible as it does not change
the existing mbedtls_strerror function and ensures that it continues to behave
the same way.

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>
2020-04-09 01:44:52 -07:00
Janos Follath
940bc0048c Add missing ChangeLog entry
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-09 09:34:47 +01:00
Andrzej Kurek
8ea6872889
Improve pointer calculations when resizing I/O buffers
This commit introduces two changes:
- Add in_msg and out_msg calculations for buffer upsizing. This was previously
considered as unnecessary, but renegotiation using certain ciphersuites needs
this.
- Improving the way out_msg and in_msg pointers are calculated, so that even 
if no resizing is introduced, the pointers remain the same;

New tests added:
- various renegotiation schemes with a range of MFL's and ciphersuites;
- an ssl-opt.sh test exercising two things that were problematic: renegotiation
with TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 and a server MFL that's smaller
than the one negotiated by the client.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:33:00 -04:00
Andrzej Kurek
90c6e84a9c
Split the maximum fragment length into two - an input and output MFL
Since the server might want to have a different maximum fragment length
for the outgoing messages than the negotiated one - introduce a new way of
computing it. This commit also adds additional ssl-opt.sh tests ensuring
that the maximum fragment lengths are set as expected. 
mbedtls_ssl_get_max_frag_len() is now a deprecated function,
being an alias to mbedtls_ssl_get_output_max_frag_len(). The behaviour
of this function is the same as before.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2020-04-09 04:30:34 -04:00
Manuel Pégourié-Gonnard
e52fd3fa55 Fix integer overflow in benchmark program
When building with MBEDTLS_MEMORY_DEBUG enabled, and running the ecdh part,
the benchmark program would start writing a very large number of space
characters on stdout, and would have to be killed because it never seemed to
terminate.

This was due to an integer overflow in computing how many space to leave after
the title in order to get memory measurements aligned, which resulted in up
to SIZE_MAX spaces being printed.

This commit just fixes the overflow, the next commit is going to fix the magic
number (12).

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-09 10:11:17 +02:00
Janos Follath
876e0259d5 Bump version to Mbed TLS 2.22.0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 17:15:18 +01:00
Janos Follath
ee85686339 Add missing ChangeLog entry
The MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH build option has been added since
the last release, but there was no entry for it in the ChangeLog.

Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 16:58:36 +01:00
Janos Follath
dca973bbeb Merge branch 'development-restricted' into mbedtls-2.22.0r0
Signed-off-by: Janos Follath <janos.follath@arm.com>
2020-04-08 15:11:40 +01:00
Guilhem Bryant
0c9b1955ca Return internal error if no PSK is found when deriving the premaster secret
Signed-off-by: Guilhem Bryant <Guilhem.Bryant@arm.com>
2020-04-08 13:06:49 +01:00
Gilles Peskine
4500e83fe4
Merge pull request #3156 from mpg/improve-make-tags
Improve ctags invocation in Makefile
2020-04-06 17:48:44 +02:00
Gilles Peskine
54e1c30d1b
Merge pull request #3160 from gilles-peskine-arm/hkdf_expand-initialize_t-development
hkdf_expand: explicitly initialize t
2020-04-06 16:34:31 +02:00
Janos Follath
ea6af48b7e
Merge pull request #675 from mpg/ecc-projective-restricted
Fix leakage of projective coordinates in ECC
2020-04-06 15:23:26 +01:00
danh-arm
6d41f4cc42
Merge pull request #3122 from mpg/drafts-became-rfcs
Update references from drafts to RFCs in config.h
2020-04-06 09:54:53 +01:00
Manuel Pégourié-Gonnard
15f30dc7e6 Merge remote-tracking branch 'public/pr/2856' into development
* public/pr/2856:
  Fix issue  #2718 (condition always false)
2020-04-06 10:15:49 +02:00
Gilles Peskine
7f9e529fee
Merge pull request #3135 from gilles-peskine-arm/changelog-assemble-text
Switch to the classic Mbed TLS ChangeLog format
2020-04-03 22:29:06 +02:00
Guilhem Bryant
03d3711bb1 Fix bracket style
Signed-off-by: Guilhem Bryant <Guilhem.Bryant@arm.com>
2020-04-03 18:21:19 +01:00
Carlos Gomes Martinho
77764da7cb chore: irgnore build directory in repository
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:47:44 +02:00
Carlos Gomes Martinho
227a9db71e docs: show cross platform instructions
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Carlos Gomes Martinho
a5f0bd34b6 build: add option to treat compiler warnings as errors
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Carlos Gomes Martinho
f64db80448 build: do not treat compiler warnings as errors for unsafe builds with msvc
this is the same behaviour as with gcc and clang

Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Gilles Peskine
3ab121a603 hkdf_expand: explicitly initialize t
t is never used uninitialized, since the first loop iteration reads 0
bytes of it and then writes hash_len bytes, and subsequent iterations
read and write hash_len bytes. However this is somewhat fragile, and
it would be legitimate for a static analyzer to be unsure.

Initialize t explicitly, to make the code clearer and more robust, at
negligible cost.

Reported by Vasily Evseenko in
https://github.com/ARMmbed/mbedtls/pull/2942
with a slightly different fix.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-02 19:54:51 +02:00
Gilles Peskine
60d6516c60 Fix whitespace style
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-02 19:50:00 +02:00
Gilles Peskine
3124164f81
Merge pull request #3132 from mpg/fix-reconnect
Fix issues in handling of client reconnecting from the same port
2020-04-02 19:21:01 +02:00
Ronald Cron
67a8a37b91 unit test: Indicate missing unmet dependencies
The identifiers of the unmet dependencies of a test case are
stored in a buffer of fixed size that can be potentially to
small to store all the unmet dependencies. Indicate in test
reports if some unmet dependencies are missing.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-04-02 14:18:49 +02:00
Ronald Cron
e1a05a534a unit tests main: Fix potential buffer overflow
Fix potential buffer overflow when tracking the unmet dependencies
of a test case. The identifiers of unmet dependencies are stored
in an array of fixed size. Ensure that we don't overrun the array.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-04-02 14:18:26 +02:00
Manuel Pégourié-Gonnard
c9f8956065 Allow alternative ctags versions in Makefile
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-02 12:10:45 +02:00
Manuel Pégourié-Gonnard
9039dc401f Improve ctags invocation in Makefile
Adding .function was necessary, as otherwise ctags would have no idea what to
do with those files.

Adding .h may not be necessary, as by default ctags considers them C++ which
is probably good enough, but since we're tuning the mapping anyway...

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2020-04-02 11:34:34 +02:00
Gilles Peskine
2ae678d238 Systematically use Windows line endings in Windows files
Don't mix Windows and Unix line endings, it's the worst of both worlds.

Update the Visual Studio templates and regenerate the generated files.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:42:24 +02:00
Gilles Peskine
0f3f9c3c73 Fix a stray CR inside a line
Use CRLF consistently instead of cobbling a \r here and a \n there.

The generated files don't change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:42:12 +02:00
Gilles Peskine
d703a2ee19 In Windows files, detect CR without LF as well as LF without CR
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-04-01 13:37:16 +02:00
Manuel Pégourié-Gonnard
65cc9a2e68
Merge pull request #3148 from danh-arm/dh/issue-template-question
Direct questions to mailing list in issue template
2020-04-01 12:32:10 +02:00
Guilhem Bryant
b5f04e4d84 Properly initialise psk and psk_len
Signed-off-by: Guilhem Bryant <Guilhem.Bryant@arm.com>
2020-04-01 11:25:12 +01:00